From 5079b38a9af1d66ad720005d7487dd711a0cb713 Mon Sep 17 00:00:00 2001
From: Christopher Koch <chrisko@google.com>
Date: Fri, 8 Feb 2019 10:50:14 -0800
Subject: Keep FilePayloads open on server side until after RPC completed.

Prevents URPC FDs from being closed mid-call, especially if they
are used as raw FDs.

PiperOrigin-RevId: 233087955
Change-Id: I815a2ff32cc5f03774605aef0b35a32862f8e633
---
 pkg/urpc/BUILD   |  1 +
 pkg/urpc/urpc.go | 12 ++++++++++++
 2 files changed, 13 insertions(+)

(limited to 'pkg/urpc')

diff --git a/pkg/urpc/BUILD b/pkg/urpc/BUILD
index 36cae67e1..0192fb35b 100644
--- a/pkg/urpc/BUILD
+++ b/pkg/urpc/BUILD
@@ -8,6 +8,7 @@ go_library(
     importpath = "gvisor.googlesource.com/gvisor/pkg/urpc",
     visibility = ["//:sandbox"],
     deps = [
+        "//pkg/fd",
         "//pkg/log",
         "//pkg/unet",
     ],
diff --git a/pkg/urpc/urpc.go b/pkg/urpc/urpc.go
index 753366be2..6d528b180 100644
--- a/pkg/urpc/urpc.go
+++ b/pkg/urpc/urpc.go
@@ -29,6 +29,7 @@ import (
 	"runtime"
 	"sync"
 
+	"gvisor.googlesource.com/gvisor/pkg/fd"
 	"gvisor.googlesource.com/gvisor/pkg/log"
 	"gvisor.googlesource.com/gvisor/pkg/unet"
 )
@@ -71,6 +72,11 @@ type FilePayload struct {
 	Files []*os.File `json:"-"`
 }
 
+// ReleaseFD releases the indexth FD.
+func (f *FilePayload) ReleaseFD(index int) (*fd.FD, error) {
+	return fd.NewFromFile(f.Files[index])
+}
+
 // filePayload returns the file. It may be nil.
 func (f *FilePayload) filePayload() []*os.File {
 	return f.Files
@@ -268,6 +274,12 @@ func (s *Server) handleOne(client *unet.Socket) error {
 		return err
 	}
 
+	// Explicitly close all these files after the call.
+	//
+	// This is also explicitly a reference to the files after the call,
+	// which means they are kept open for the duration of the call.
+	defer closeAll(newFs)
+
 	// Start the request.
 	if !s.clientBeginRequest(client) {
 		// Client is dead; don't process this call.
-- 
cgit v1.2.3